account.on.casino.fanduel.ca Open in urlscan Pro
13.226.34.125  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response account.on.casino.fanduel.ca/	36 KB 14 KB	228ms 87ms	Document text/html	13.226.34.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://account.on.casino.fanduel.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-125.ewr53.r.cloudfront.net Software / Resource Hash 6c471c415213b511c562bfe635b747adabcff96a5e2496f365dec08f89d22949 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 27 Feb 2024 22:37:29 GMT etag W/"8f43-ybB7+zRtX01ooIfVC19PQQ" expires 0 pragma no-cache vary Accept-Encoding via 1.1 2772ea7c91d6d2b9d83ea6d082faecc8.cloudfront.net (CloudFront) x-amz-cf-id 5-EkSLnJJW-FlbfxO9kpDy5rs9NMh2UUHCokzE-VQ5EQmbYCDauK3Q== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront
GET H2	200	osano.js Show response cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/	230 KB 60 KB	490ms 418ms	Script application/javascript	18.164.96.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-69.jfk50.r.cloudfront.net Software CloudFront / Resource Hash d3675fbc496dc76a65c558075a8d512ac0c467f7c3dd4a63f273676027114dad Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:29 GMT content-encoding br via 1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 60515 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 26 Feb 2024 11:40:16 GMT server CloudFront etag "513153fa499d429a83ca235489f6d2d4" x-frame-options SAMEORIGIN vary Origin content-type application/javascript; charset=utf-8 cache-control public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform x-amz-cf-id myKNuwoj8-IzcyIuhkzLA433Jb4cVA1URdJ6c1_cnZGW9CFKjG7LPw==
GET BLOB	200 OK	9d4fee3f-439f-44c0-b65e-dffe7e1aa87f https://account.on.casino.fanduel.ca/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://account.on.casino.fanduel.ca/9d4fee3f-439f-44c0-b65e-dffe7e1aa87f Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET H2	200	38cf0d11d19ca5bc4d32.main.js Show response aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/js/	2 MB 409 KB	285ms 189ms	Script application/javascript	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/js/38cf0d11d19ca5bc4d32.main.js Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash b50c0118e2fc8f54bdb9f739b66b63e64caa8b0bb450c9a9a5879a6fb80eec95 Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:31 GMT x-amz-version-id RlZ_LX_sCDuliyKQ5KlmhqwdoagM29HK content-encoding br last-modified Tue, 27 Feb 2024 16:06:57 GMT server AmazonS3 via 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 etag W/"7cf5548b3b5df7288fcbf595609f2d2e" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public x-amz-cf-id ZwqeB0Nk4MeOBlvWNj2Chy9jsXfKNkwXH9-FonlZaLT2jD_flf8RJw==
GET H2	200	9462a17af1d6db0d9a70.en-US.chunk.js Show response aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/js/	106 KB 32 KB	140ms 140ms	Script application/javascript	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/js/9462a17af1d6db0d9a70.en-US.chunk.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash acc4d394a8f7ad9e86b59b8a267fde02ac0f054f482b0263fd6c6393bfd30d1c Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:31 GMT x-amz-version-id 3rP.iVVORc6rwB1SQbjWcTDiQEpfW5Xt content-encoding br last-modified Tue, 27 Feb 2024 16:37:15 GMT server AmazonS3 via 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 etag W/"2703d904f3ec93360e1d692fd613c807" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public x-amz-cf-id pbfVWddFEf795JSK99o8xpnSDFmzxPDNS1t0h_jGWEJbHKCFjnmmRA==
GET H2	200	396da2087e5e7ab5bbf5.create-api.chunk.js Show response aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/js/	53 KB 16 KB	115ms 114ms	Script application/javascript	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/js/396da2087e5e7ab5bbf5.create-api.chunk.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash ff8513e09430f8eaba4ee018db41d3590ed1c608c55315193a542116855d2635 Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:31 GMT x-amz-version-id Oq.S7KZtPjQb7LHgahLbjgqDYEnZ7sSA content-encoding br last-modified Tue, 27 Feb 2024 16:37:15 GMT server AmazonS3 via 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 etag W/"25a3d810beb1601ced620e8c3c02f06a" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public x-amz-cf-id 92dXc9p5eyaSrc_XwFNszzNzBAnl-HnNRft40szJEe7emps9tTXpvQ==
GET H2	200	/ Show response cmp.osano.com/ Frame 7B33	4 KB 1 KB	30ms 29ms	Document text/html	18.164.96.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/ Requested by Host: cmp.osano.com URL: https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-69.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash d932915f06b485aab480eb817ad7e34c684cb9272fb3a1d6ec13372b15b80945 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://account.on.casino.fanduel.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 54583 alt-svc h3=":443"; ma=86400 content-encoding br content-type text/html date Tue, 27 Feb 2024 07:27:48 GMT etag W/"48a0e738f84f45eb10ccd17ff6e09429" last-modified Tue, 06 Feb 2024 18:00:44 GMT referrer-policy strict-origin-when-cross-origin server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Origin via 1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront) x-amz-cf-id 0TcJ3ngybXLUaS95X5id6xCZM882Xna6wkht419OQpgpOA_ECYGeiA== x-amz-cf-pop JFK50-P5 x-amz-server-side-encryption AES256 x-amz-version-id POJv8cLnvurN8PIkBGZX7_kfH6.eePMP x-cache Hit from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	fanduel-casino-logo.png aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/graphics/company-logos/fd-casino/	2 KB 2 KB	121ms 120ms	Image image/png	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/graphics/company-logos/fd-casino/fanduel-casino-logo.png Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash d9b279157a9f7c0c546105beb03570fac6d7dfc642e83830738d75cb1e31f4eb Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:31 GMT x-amz-version-id fQ0B08w4sen6NOpJwhNAlF9tyRlpH.4d via 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront) last-modified Tue, 27 Feb 2024 16:37:14 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 etag "a746c524308ebf8c7b0f4144e3672753" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public accept-ranges bytes content-length 1719 x-amz-cf-id KKTnmUKxIMBK_lpMIpCYDP25Wuw286b-H-3RRTf3tUpYvwciRqVbrQ==
GET H2	200	fd-primary-blue-linear.svg aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/graphics/company-logos/fanduel/	3 KB 2 KB	117ms 117ms	Image image/svg+xml	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/graphics/company-logos/fanduel/fd-primary-blue-linear.svg Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash b92c77818f3b6b8e1c21c3799d7c2c454e3d31fe4f50db9b68ac04ffdd791beb Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:31 GMT x-amz-version-id eAIkQ1P5KxTZvhwU6kayLqGolbzuLrEd content-encoding br last-modified Tue, 27 Feb 2024 16:37:14 GMT server AmazonS3 via 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 etag W/"91b9993d7bb01c6f5a1d9bb1cd1087fd" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public x-amz-cf-id AojGbm0X-tJVoNQNGvoTSRHx8NlvtPPIP6a5ObiOVysE-ZPKMguHcA==
GET H2	200	main-fd-casino.jpg aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/graphics/background/	18 KB 19 KB	97ms 96ms	Image image/jpeg	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/graphics/background/main-fd-casino.jpg Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 1705efaabbe1463762f997ac90fbe5fc90796c4fc2849ac72d380d1a8f32ccf2 Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:32 GMT x-amz-version-id 4aTPQj9emVilfzz.53i6cNCxOUpqsHNV via 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront) last-modified Tue, 27 Feb 2024 16:37:14 GMT server AmazonS3 x-amz-cf-pop EWR50-C1 etag "910edaeacec23c84e466f8c577f23009" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public accept-ranges bytes content-length 18887 x-amz-cf-id YmTAHZyQ8kuNXLG0jOo1K2efYG7i7DjxHMO-iC1W2xDYRid5zc-QXg==
GET H2	200	ProximaNova-Regular.woff2 aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/fonts/	67 KB 67 KB	210ms 144ms	Font binary/octet-stream	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/fonts/ProximaNova-Regular.woff2 Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 3d4e3073fc88060141a6c61a0534c7397f43a6d00107b68db836c047c937ff90 Request headers Referer https://account.on.casino.fanduel.ca/ Origin https://account.on.casino.fanduel.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:32 GMT x-amz-version-id gYBPgyJZINzG0HBCm6fVCTCOLGQnWyKj via 1.1 b4d936db4a90ac6e06d19d66ebba832e.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 68203 last-modified Tue, 27 Feb 2024 16:37:13 GMT server AmazonS3 etag "028eb32a21d4daaeb3c0ea0ebf3aad06" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public accept-ranges bytes x-amz-cf-id cVQz9atqGQV7Sswj9w9PHmge-7GN91dr3tHV1je6O6wvOwdtpVvzBA==
GET H2	200	ProximaNova-Condensed.woff2 aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/fonts/	33 KB 33 KB	231ms 166ms	Font binary/octet-stream	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/fonts/ProximaNova-Condensed.woff2 Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash 519eef1ece4bc268cef9e94e19e44391063e276d2d3e91bc1791ec71b665523e Request headers Referer https://account.on.casino.fanduel.ca/ Origin https://account.on.casino.fanduel.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:32 GMT x-amz-version-id htpA0mneQwBjdTPnANcOKBVhanylYFli via 1.1 b4d936db4a90ac6e06d19d66ebba832e.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 33649 last-modified Tue, 27 Feb 2024 16:37:13 GMT server AmazonS3 etag "3fcfeb3418136328628715a956e99832" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public accept-ranges bytes x-amz-cf-id egSlWPZYG7hlPcyiWHokzvCmWfNhSribA2udWUzD9RscWv_pVtVdxQ==
GET H2	200	ProximaNova-Bold.woff2 aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/fonts/	66 KB 67 KB	196ms 132ms	Font binary/octet-stream	13.225.214.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aw-web-assets.cpe.fanduel.ca/fd-iwa-assets/fonts/ProximaNova-Bold.woff2 Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.214.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-214-23.ewr50.r.cloudfront.net Software AmazonS3 / Resource Hash a9cdb46ae19b4b7844c083bd0f3aeb5acedb7c91912bd8bfe69a048f776bb3be Request headers Referer https://account.on.casino.fanduel.ca/ Origin https://account.on.casino.fanduel.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:37:32 GMT x-amz-version-id 6sUSLjKVOIjgsddd.m.e3lOTQX6BFrEG via 1.1 b4d936db4a90ac6e06d19d66ebba832e.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 67535 last-modified Tue, 27 Feb 2024 16:37:13 GMT server AmazonS3 etag "c2bf286306e99d20edfad763427d51c9" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=2592000,stale-while-revalidate=86400,stale-if-error=86400,public accept-ranges bytes x-amz-cf-id 1KDYPGVKlwG-syg9aBfwCrp5OurWHJg56Oq4Z-2lCcG6btptuNvyJQ==
GET BLOB	200 OK	95a746b1-58e0-41cb-a1cb-0d2a3e8b26db https://account.on.casino.fanduel.ca/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://account.on.casino.fanduel.ca/95a746b1-58e0-41cb-a1cb-0d2a3e8b26db Requested by Host: account.on.casino.fanduel.ca URL: https://account.on.casino.fanduel.ca/login Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET H2	200	init.js Show response account.on.casino.fanduel.ca/JMCVuBG8/	36 KB 14 KB	75ms 75ms	Script text/html	13.226.34.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://account.on.casino.fanduel.ca/JMCVuBG8/init.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-125.ewr53.r.cloudfront.net Software / Resource Hash 6c471c415213b511c562bfe635b747adabcff96a5e2496f365dec08f89d22949 Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers pragma no-cache date Tue, 27 Feb 2024 22:37:31 GMT content-encoding gzip via 1.1 2772ea7c91d6d2b9d83ea6d082faecc8.cloudfront.net (CloudFront) x-amz-cf-pop EWR53-C2 etag W/"8f43-ybB7+zRtX01ooIfVC19PQQ" vary Accept-Encoding x-cache Miss from cloudfront content-type text/html; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-amz-cf-id -RKedreG98nhGFa6NCDC6BQ-rYzPEkYc1zJG9hm3-wFWoer2a2GLug== expires 0
GET H3	200	/ Show response cmp.osano.com/ Frame A5E3	4 KB 1 KB	30ms 29ms	Document text/html	18.164.96.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/ Requested by Host: cmp.osano.com URL: https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Protocol H3 Security QUIC, , AES_128_GCM Server 18.164.96.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-69.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash d932915f06b485aab480eb817ad7e34c684cb9272fb3a1d6ec13372b15b80945 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://account.on.casino.fanduel.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 54584 alt-svc h3=":443"; ma=86400 content-encoding br content-type text/html date Tue, 27 Feb 2024 07:27:48 GMT etag W/"48a0e738f84f45eb10ccd17ff6e09429" last-modified Tue, 06 Feb 2024 18:00:44 GMT referrer-policy strict-origin-when-cross-origin server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Origin via 1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront) x-amz-cf-id 1o3bs-e2nPz6MgJbvTh0oLdE-pmAjmbZSSAXwnOrJryWO_kJVEVlsw== x-amz-cf-pop JFK50-P5 x-amz-server-side-encryption AES256 x-amz-version-id POJv8cLnvurN8PIkBGZX7_kfH6.eePMP x-cache Hit from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	record Show response consent.api.osano.com/	0 437 B	128ms 127ms	XHR text/plain	18.164.116.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.api.osano.com/record Requested by Host: cmp.osano.com URL: https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.116.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-116-44.jfk50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://account.on.casino.fanduel.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type application/json Response headers date Tue, 27 Feb 2024 22:37:31 GMT via 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P6 x-amzn-trace-id Root=1-65de642b-4aea867977497b2e3c779e2b x-amzn-requestid 116245f6-a5c2-4eef-8364-e6224d1796ad x-cache Miss from cloudfront access-control-allow-methods POST,OPTIONS access-control-allow-origin * access-control-allow-headers Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With x-amz-apigw-id T0SWzEBoIAMEYOw= x-amz-cf-id wo4MPg_s6tO7PwhVYBRS63eiclZiapl7w2i4SaeLdEMuodPl2fKvAg==
OPTIONS H2	200	record consent.api.osano.com/ Frame	0 0	126ms 40ms	Preflight application/json	18.164.116.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.api.osano.com/record Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.116.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-116-44.jfk50.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://account.on.casino.fanduel.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token access-control-allow-methods POST,OPTIONS access-control-allow-origin * content-length 0 content-type application/json date Tue, 27 Feb 2024 22:37:31 GMT via 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront) x-amz-apigw-id T0SWyETJoAMEA8g= x-amz-cf-id cDNxsgn0VHZfr8WJ9nrhh5DaKSVLQF32L4pf5d-4DicPdLxOXkR7VQ== x-amz-cf-pop JFK50-P6 x-amzn-requestid d7f27b33-d72b-45f9-a0fc-2035b14216c4 x-cache Miss from cloudfront
GET H2	200	s.js Show response cdn.sift.com/	62 KB 21 KB	56ms 16ms	Script application/javascript	34.96.67.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.sift.com/s.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/6obJqSxoJRfE6CIZ/b18002a1-b1e7-4dfa-9c4e-a987d56780a0/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.67.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sat, 10 Feb 2024 06:51:14 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload age 1525577 x-guploader-uploadid ABPtcPpyRI66rOBUceH_tuRHcPu6rXwEwVIYEnDp1m6hSG9D_vpEHMRuae_3KomUtfv_nQUr_h475VU3 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20500 last-modified Tue, 28 Feb 2023 22:39:30 GMT server UploadServer etag "476f50cbc514dd2a147e8856d7d6a2eb" x-goog-generation 1677623970358201 x-goog-hash crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w== access-control-allow-origin * access-control-expose-headers * cache-control no-transform x-goog-stored-content-length 20500 accept-ranges bytes content-type application/javascript expires Sun, 09 Feb 2025 06:51:14 GMT
GET H2	200	128842.gif hexagon-analytics.com/images/	43 B 289 B	125ms 93ms	Image image/gif	34.102.232.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://hexagon-analytics.com/images/128842.gif?tm=27&r=772832007&v=106&cs=UTF-8&h=account.on.casino.fanduel.ca&l=en-US&S=82178b8a8f8506d94fcf674327e62dff&uu=1704c0c4b3403412ab505ded2378c0a&t=Log%20In&u=https%3A%2F%2Faccount.on.casino.fanduel.ca%2Flogin&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.69%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=480&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=12cbadb82d688a3efa72109e23f43cfa&z=z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.232.102.34.bc.googleusercontent.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://account.on.casino.fanduel.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers pragma no-cache date Tue, 27 Feb 2024 22:37:31 GMT via 1.1 google x-content-type-options nosniff server nginx content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate x-envoy-upstream-service-time 13 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Jan 1970 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| FD boolean| AMPLITUDE_DISABLED_IN_GTM object| threatmetrix function| tmx_profiling_complete function| Osano function| __uspapi object| _sift object| webpackChunkFanDuel object| FanDuel object| DD_RUM object| litHtmlVersions object| FD_AW_Biometrics string| _pxAppId function| PXJMCVuBG8_asyncInit object| store function| _pxOnMobileCaptchaSuccess function| _pxOnCaptchaSuccess function| __siftFlashCB undefined| Sift object| PluginDetect

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.casino.fanduel.ca/	1970-01-21 04:20:33	Name: FD-User-tz Value: America/Vancouver
			.account.on.casino.fanduel.ca/	1970-01-21 03:30:09	Name: osano_consentmanager_uuid Value: 9507a8e6-11ac-4144-9278-2fd8f3a35d33
			.account.on.casino.fanduel.ca/	1970-01-21 03:30:09	Name: osano_consentmanager Value: 3JoIzsysyvFXVwvDmYnKBcls8ST7lyOfnRQkRHB26YByhU8zuHC8muqE7UeMZzQcofTaei3_lxAQHIsI-Nv3-OyIDK_fAW5L0FsCMmFptejt3V82KKPMIS_cmV0xxH50pRvwLTslTUQwIYX-rywlZA4zhXcgJ93-Q5U6EzhNkeXPj9Lx9w8yxBEiWq5P39g4IvsU2toAIvnxmdwejKOqWemGKT4mEZjKX7UPiIau_7UUtg0st0eYY38KhYWinXuPTAA8zr_vpYFKB89FOhTPY8a4Dkb68vveNxneQQ==
			.fanduel.ca/	1970-01-21 04:20:33	Name: __ssid Value: 1704c0c4b3403412ab505ded2378c0a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.on.casino.fanduel.ca
aw-web-assets.cpe.fanduel.ca
cdn.sift.com
cmp.osano.com
consent.api.osano.com
hexagon-analytics.com
13.225.214.23
13.226.34.125
18.164.116.44
18.164.96.69
34.102.232.42
34.96.67.224
1705efaabbe1463762f997ac90fbe5fc90796c4fc2849ac72d380d1a8f32ccf2
3d4e3073fc88060141a6c61a0534c7397f43a6d00107b68db836c047c937ff90
519eef1ece4bc268cef9e94e19e44391063e276d2d3e91bc1791ec71b665523e
6c471c415213b511c562bfe635b747adabcff96a5e2496f365dec08f89d22949
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a9cdb46ae19b4b7844c083bd0f3aeb5acedb7c91912bd8bfe69a048f776bb3be
acc4d394a8f7ad9e86b59b8a267fde02ac0f054f482b0263fd6c6393bfd30d1c
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b50c0118e2fc8f54bdb9f739b66b63e64caa8b0bb450c9a9a5879a6fb80eec95
b92c77818f3b6b8e1c21c3799d7c2c454e3d31fe4f50db9b68ac04ffdd791beb
d3675fbc496dc76a65c558075a8d512ac0c467f7c3dd4a63f273676027114dad
d932915f06b485aab480eb817ad7e34c684cb9272fb3a1d6ec13372b15b80945
d9b279157a9f7c0c546105beb03570fac6d7dfc642e83830738d75cb1e31f4eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ff8513e09430f8eaba4ee018db41d3590ed1c608c55315193a542116855d2635